Vulnerability Description
A vulnerability in the packet processing code of Cisco IOS Software for Cisco Aironet Access Points could allow an unauthenticated, adjacent attacker to retrieve content from memory on an affected device, which could lead to the disclosure of confidential information. The vulnerability is due to insufficient condition checks that are performed by the affected device when the device adds padding to egress packets. An attacker could exploit this vulnerability by sending a crafted IP packet to an affected device. A successful exploit could allow the attacker to retrieve content from memory on the affected device, which could lead to the disclosure of confidential information. Cisco Bug IDs: CSCvc21581.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Aironet Ap Firmware | - |
| Cisco | Aironet Ap | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/101643Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039720Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- http://www.securityfocus.com/bid/101643Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039720Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2017-12279?
CVE-2017-12279 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A vulnerability in the packet processing code of Cisco IOS Software for Cisco Aironet Access Points could allow an unauthenticated, adjacent attacker to retrieve content from memory on an affected dev...
How severe is CVE-2017-12279?
CVE-2017-12279 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-12279?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Aironet Ap Firmware, Cisco Aironet Ap.